Current code doesn't init interrupt config when resume from S3.
The related register contect will be lost during S3.
This patch re-init these regiters.
Tracked-On: #1855
Signed-off-by: Binbin Wu <binbin.wu@intel.com>
Acked-by: Anthony Xu <anthony.xu@intel.com>
Add an internal API to do action according to action function provided,
which can simplify the code.
Tracked-On: #1855
Signed-off-by: Binbin Wu <binbin.wu@intel.com>
Reviewed-by: Eddie Dong <eddie.dong@intel.com>
Move move public API to the bottom part of the file.
Tracked-On: #1855
Signed-off-by: Binbin Wu <binbin.wu@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Becuase the number of character of a line is 120.
Merge lines for a statement if needed.
Tracked-On: #1855
Signed-off-by: Binbin Wu <binbin.wu@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
dmar_uint -> dmar_unit
remove i in line 756 added by accident.
Tracked-On: #1855
Signed-off-by: Binbin Wu <binbin.wu@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
vcpu thread need to exit when doing VM full reset and VM shutdown.
Change the code to align the logic. This also can fix race condition
between ioreq client destruction and accessing.
Tracked-On: #1857
Signed-off-by: Fengwei Yin <fengwei.yin@intel.com>
Signed-off-by: Shuo Liu <shuo.a.liu@intel.com>
Acked-by: Yu Wang <yu1.wang@intel.com>
The guest could write the MSI-X Table fields in DWORD or QWORD. For
example the Message Address could be a QWORD write or two DWORD writes,
the Message Data could be a DWORD write or part of a QWORD write that
is combined with the Vector Control. This patch captures all the
possible combinations when the guest is configuring the MSI-X Table.
Tracked-On: #1568
Signed-off-by: Zide Chen <zide.chen@intel.com>
Reviewed-by: Li, Fei1 <fei1.li@intel.com>
Though guests are not supposed to read Message Data/Addr, it's still better
off to initialize them to 0.
vector_control should be initialize to zero besides the mask bit.
Tracked-On: #1568
Signed-off-by: Zide Chen <zide.chen@intel.com>
Reviewed-by: Li, Fei1 <fei1.li@intel.com>
- in vmsix_cfgwrite(), it should write the new value 'val'.
- in vmsix_table_mmio_access_handler(), mmio_gpa is a typo for intercepted_gpa.
Tracked-On: #1568
Signed-off-by: Zide Chen <zide.chen@intel.com>
Reviewed-by: Li, Fei1 <fei1.li@intel.com>
remove the usage of HV_DEBUG in hypercall.c and vmcall.c
TO-DO:
Enhance Makefile to compile debug/release into 2 libraries
Tracked-On: #861
Signed-off-by: Shiqing Gao <shiqing.gao@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
CSE FW uses an AEK (Attestation keybox Encryption Key) to encrypt the keybox
with AES-256-GCM algorithm before sending it to Android/Trusty. This key is
derived from the latest platform Seed by CSE FW with KDF (key derivation function)
HMAC-SHA256. After Trusty retrieves this encrypted keybox over HECI/MEI driver,
Trusty needs the same AEKkey to decrypt it. Hence, before Trusty launches,
Hypervisor derives the same AEK key from Platform Seed with the same algorithm
and the same derivation parameters, then sends this AEK along with Trusty vSeed
to Trusty world memory.
Since Platform Seed is only visible to Hypervisor and it must not be
sent to any guest VM, only Hypervisor can derive this AEK from this
Platform Seed, just like previous per-Trusty virtual Seed derivation.
Please note that Android Attestation Keybox is shared in a single hardware
platform, so all the Trusty instance/world can get the same AEK for
decryption even if there are multiple Android User OS/VMs running
on top of Hypervisor.
v1 --> v2:
Add detailed description why we need the patch to derive an extra key
v2 --> v3:
Convert API descriptions to Doxygen
Tracked-On: #1812
Reviewed-by: Bing Zhu <bing.zhu@intel.com>
Reviewed-by: Kai Wang <kai.z.wang@intel.com>
Signed-off-by: Chen Gang G <gang.g.chen@intel.com>
Acked-by: Bing Zhu <bing.zhu@intel.com>
I am currently using Yocto build and deploy UOS images, it would be
much more convenient to let the VMs to have the same names with when
they are being built. For instance, a typical image name in Yocto is
like: uos-image-weston, but it can not show the name completely with
'acrnctl list', since the length limit is 16.
Increasing the limit to 32 would fix this problem.
Tracked-On: #1837
Signed-off-by: Ming Liu <liu.ming50@gmail.com>
Revert the temporary workaround of calling allow_guest_pio_access() to
reset the I/O bitmap for CF9.
For CONFIG_ADDR register, only intercept I/O port CF8 to achieve these:
- In SOS, I/O bitmap for port CF9 is not set.
- In UOS or in partition mode, I/O requests to CF9/CFA/CFB won't be handled
by pci_cfgaddr_io_read/write() any more.
Tracked-On: #1815
Signed-off-by: Zide Chen <zide.chen@intel.com>
Acked-by: Anthony Xu <anthony.xu@intel.com>
Register separate I/O emulation handlers for I/O port CF8 and CFC. This
makes the code simpler, and offers some flexibilities to be able to handle
CF8 and CFC ports differently.
Tracked-On: #1815
Signed-off-by: Zide Chen <zide.chen@intel.com>
Reviewed-by: Li, Fei1 <fei1.li@intel.com>
Acked-by: Anthony Xu <anthony.xu@intel.com>
An I/O handler is not linked to the I/O access size, so in searching for
the registered I/O handler, don't need to check the I/O request's access
size.
In struct vm_io_handler_desc, change fields addr and len to port_start and
port_end respectively to adapt to this change.
Tracked-On: #1815
Signed-off-by: Zide Chen <zide.chen@intel.com>
Reviewed-by: Li, Fei1 <fei1.li@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Acked-by: Anthony Xu <anthony.xu@intel.com>
1. CPU_SEG_WRITE->CPU_SEG_READ: it's actually seg read
2. 0x%hu -> 0x%x: it need print hex format
Tracked-On: #1833
Signed-off-by: Jason Chen CJ <jason.cj.chen@intel.com>
- Remove the usage of HV_DEBUG in hv_main.c
The usage of HV_DEBUG in hv_main.c is for the shell command 'vmexit'.
Since vmexit info has been captured by acrntrace, there is no need to
keep this duplicated feature in shell command.
Tracked-On: #861
Signed-off-by: Shiqing Gao <shiqing.gao@intel.com>
Reviewed-by: Eddie Dong <eddie.dong@intel.com>
Reviewed-by: Yin Fengwei <fengwei.yin@intel.com>
Reviewed-by: Jason Chen CJ <jason.cj.chen@intel.com>
Adding Kconfig option to define the vuart port base address/IRQ.
By default, use 0x3F8/IRQ4. For MRB, use 0x3E8/IRQ6.
We are experiencing problems on NUC after changing from 0x3F8/IRQ4
to 0x3E8/IRQ6.
Tracked-On: #1817
Change-Id: Ie407e51a7bc25ac0bb4c61453c969f1466fa33ca
Signed-off-by: dongshen <dongsheng.x.zhang@intel.com>
Due to the side-effect to cache of "wbinvd" instruction, just apply it
in case of noncoherent DMA.
Tracked-On: #1824
Signed-off-by: Zheng, Gen <gen.zheng@intel.com>
Reviewed-by: Binbin Wu <binbin.wu@intel.com>
ioreqs acrossing VM reset is meaningless. So we reset their status when
VM reset.
Please note, device model and service os need to handle various ioreqs
pending status in emergency reset condition carefully. Otherwises, the
post processing of such ioreqs might overwrite this reset.
Tracked-On: projectacrn#1821
Signed-off-by: Shuo Liu <shuo.a.liu@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
this patch fixes such an information leaking issue:
in case that after a UOS is destroyed, its memroy
will be reclaimed and maybe re-allocated for a new UOS,
then the previous UOS sensitive data in memory may
be leaked to the new UOS.
Tracked-On: #1825
Signed-off-by: Yonghua Huang <yonghua.huang@intel.com>
Signed-off-by: Tianhua Sun <tianhuax.s.sun@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Even in partition mode, we also need to clear vmid in vmid_bitmap to
indicate the VM is not present.
Tracked-On: projectacrn#1821
Signed-off-by: Shuo Liu <shuo.a.liu@intel.com>
Acked-by: Anthony Xu <anthony.xu@intel.com>
this patch fix potential issue of initialization
about local variable in fsutils.c
Tracked-On: #1024
Signed-off-by: Zhonghua <zhonghua.sun@intel.com>
Reviewed-by: Huang, Yonghua <yonghua.huang@intel.com>
Acked-by: Chen, Gang <gang.c.chen@intel.com>
MISRA-C requires that the function call in which the returned
value is discarded shall be clearly indicated using (void).
This patch fixes the violations related to the following
function calls.
- instr_check_gva
- vlapic_set_local_intr
- prepare_vm
- enter_s3
- emulate_instruction
- ptdev_intx_pin_remap
- register_mmio_emulation_handler
v1 -> v2:
* discard the return value of enter_s3
Tracked-On: #861
Signed-off-by: Shiqing Gao <shiqing.gao@intel.com>
This patch addes missing brackets for 'if/else' statements based on
MISRA-C requirements 12 S.
Tracked-On: #861
Signed-off-by: Zide Chen <zide.chen@intel.com>
Acked-by: Anthony Xu <anthony.xu@intel.com>
Reviewed-by: Huihuang Shi <huihuang.shi@intel.com>
576S: Function pointer is of wrong type. C90 requires the elements of an
designated initializer to appear in a fixed order, the same as the order of
declaration. C99 relaxes this rule but seems MISRA-C sticks to C90 in this
regard.
Tracked-On: #861
Signed-off-by: Zide Chen <zide.chen@intel.com>
Acked-by: Anthony Xu <anthony.xu@intel.com>
Reviewed-by: Huihuang Shi <huihuang.shi@intel.com>
- 331S: Literal value requires a U suffix.
- 612S: inline function should be declared static.
- 93S: Value is not of appropriate type. MISRA-C imposes strict type
checking: no comparison between signed and unsigned, etc.
Tracked-On: #861
Signed-off-by: Zide Chen <zide.chen@intel.com>
Reviewed-by: Huihuang Shi <huihuang.shi@intel.com>
458S: Implicit conversion: actual to formal param (MR): "The value of an
actual parameter shall not be implicitly converted to the type of a formal
parameter, if that conversion might result in the loss of information".
Tracked-On: #861
Signed-off-by: Zide Chen <zide.chen@intel.com>
Reviewed-by: Huihuang Shi <huihuang.shi@intel.com>
fix the following integer violations:
1. Signed/unsigned conversion without cast
2. Literal value requires a U suffix
3. Implicit conversion of underlying type
v3 -> v4:
* change the type of npk_loglevel/mem_loglevel/console_loglevel
from uint32_t to uint16_t
v2 -> v3:
* discard the return value of update_ept
* discard changes related to npk loglevel
v1 -> v2:
* remove the unnecessary changes related to the false positive
issues caused by scanning tool
* change the type of the local variable 'vlapic_id' from uint8_t
to uint32_t in function 'vlapic_build_id'
* change the type of the struct member 'flags' in shared_buf from
uint64_t to uint32_t
Tracked-On: #861
Signed-off-by: Shiqing Gao <shiqing.gao@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Functions shall not call themselves, either directly or indirectly.
vpic_set_pinstate will cal vpic_notify_intr and results to recursion
violations,fix it out by mov vpic_notify_intr out of vpic_set_pinstate.
Tracked-On: #861
Signed-off-by: Huihuang Shi <huihuang.shi@intel.com>
reviewed-by: Junjie Mao <junjie.mao@intel.com>
Acked-by: Anthony Xu <anthony.xu@intel.com>
clean up mmio_read/mmio_write in instr_emul.c
- make these two functions inline
- discard the return value and add the pre condition
- rename these two functions to vie_mmio_read/vie_mmio_write
Tracked-On: #861
Signed-off-by: Shiqing Gao <shiqing.gao@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
In current code, there is an out of range access to the array buses defined in struct struct context_table.
This patch defines CONFIG_IOMMU_BUS_NUM to replace CONFIG_IOMMU_INIT_BUS_LIMIT, which is clearer.
CONFIG_IOMMU_BUS_NUM equals to (CONFIG_IOMMU_INIT_BUS_LIMIT + 1).
Tracked-On: #1807
Signed-off-by: Binbin Wu <binbin.wu@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
MISRA-C requires that the function call in which the returned
value is discarded shall be clearly indicated using (void).
This patch fixes the violations related to the following
function calls.
- vlapic_set_intr
- vlapic_intr_edge
Tracked-On: #861
Signed-off-by: Shiqing Gao <shiqing.gao@intel.com>
to decrease the value of 'create_vcpus' in fail case.
Tracked-On: #861
Signed-off-by: Yonghua Huang <yonghua.huang@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Misra C reqires assembly code should comply with
the rules list below:
The assembly code's functionality should match the function's
name.If not,pls encapsulate the assembly code and give a suitable
name for describing the functionality.
V1->V2:
1.remove the dead code
2.update detail comment
V2->V3:
1.replace the macro name with upper case.
2.remove the typedef and rename the struct name
"_descriptor_table_" to "descriptor_table".
Tracked-On: #861
Signed-off-by: Huihuang Shi <huihuang.shi@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
this patch is to avoid posisble inconsisent states for
VMs and vCPUs in configuration that SOS is SMP based
and Device Model may be multi-threads based.
Tracked-On: #861
Signed-off-by: Yonghua Huang <yonghua.huang@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Assign function pointer without the unary & operator.
Take 'register_io_emulation_handler' as an example:
void register_io_emulation_handler(struct acrn_vm *vm,
const struct vm_io_range *range,
io_read_fn_t io_read_fn_ptr,
io_write_fn_t io_write_fn_ptr)
The last two parameters are function pointer.
Sometimes we use function designator directly, while sometimes
with the unary & operator, as shown below.
- without &
register_io_emulation_handler(vm, &range, vuart_read, vuart_write);
- with &
register_io_emulation_handler(vm, &pci_cfg_range,
&pci_cfg_io_read, &pci_cfg_io_write);
To unify the coding style, we will go with the first way.
Tracked-On: #861
Signed-off-by: Shiqing Gao <shiqing.gao@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
-- Config MAX_EMULATED_MMIO_REGIONS 16 in Kconfig
-- Add emulated mmio array and emulated mmio regions
in vm structure
-- Remove mmio list in vm structure
-- Remove unregister_mmio_emulation_handler and
vioapic_cleanup APIs
Tracked-On: #861
Signed-off-by: Mingqiang Chi <mingqiang.chi@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Update the User (guest) OS launch script with the Clear Linux
version used with ACRN v0.3 as well as the corresponding kernel
version.
Signed-off-by: Geoffroy Van Cutsem <geoffroy.vancutsem@intel.com>
Update Getting Started Guide (GSG) with Clear Linux version and
kernel versions for ACRN v0.3.
Signed-off-by: Geoffroy Van Cutsem <geoffroy.vancutsem@intel.com>
Update the capitalization of "Tracked-On" in the documentation.
"Tracked-on" should work but it throws a warning so it's better
to make the documentation focus on using "Tracked-On" only.
Signed-off-by: Geoffroy Van Cutsem <geoffroy.vancutsem@intel.com>
Sphinx supports making a single (large) html file instead of a
full website with a collection of html pages. This ``make singlehtml``
option provides the basis for creating a Word document (for example)
via a cut-and-paste of a section of the documentation (not easily
possible when the docs are in multiple HTML files.)
Signed-off-by: David B. Kinder <david.b.kinder@intel.com>
Binbin Wu